Geocodio: A HIPAA/HITECH Geocoding Service for Geocoding Patient Addresses (PHI)

With Geocodio's HIPAA/HITECH-compliant Enterprise product, you can standardize, parse, and complete patient addresses, as well as add geocodes and enrich patient address data with Census FIPS codes and more.

• Quickly convert PII and PHI addresses into latitude/longitude

• Clean up, standardize, parse, and complete patient addresses

• Built for high-volume uses. Geocode thousands or millions of patient addresses all in one simple request

• Append useful additional information like school districts, Census demographics, Congressional districts, and FIPS codes to PII and PHI

Are addresses considered PHI under HIPAA?

Yes, according to the US Department of Health and Human Services, addresses are considered PHI (Protected Health Information). HHS has specific rules for how to de-identify addresses. In no situation is the full address including the street address de-identified—a full address is always PHI. If you need to standardize or geocode patient addresses, you need to use a HIPAA-compliant geocoder with a signed BAA. Examples of HIPAA-compliant geocoders include Geocodio.

Can you de-identify/anonymize patient addresses so they are no longer considered PHI?

Yes, you can de-identify addresses so they are no longer PHI—but not the full address. According to HHS, here is how you de-identify patient addresses:

(B) All geographic subdivisions smaller than a state, including street address, city, county, precinct, ZIP code, and their equivalent geocodes, except for the initial three digits of the ZIP code if, according to the current publicly available data from the Bureau of the Census:(1) The geographic unit formed by combining all ZIP codes with the same three initial digits contains more than 20,000 people; and(2) The initial three digits of a ZIP code for all such geographic units containing 20,000 or fewer people is changed to 000

Can you geocode addresses that are considered PHI?

Yes—only if you use a HIPAA-compliant geocoder, or self-host a geocoder in a HIPAA-compliant environment. According to health researchers, "clinical epidemiology and patient-oriented health care research that incorporates neighborhood-level data is becoming increasingly common." Geocodio's Enterprise product is one such HIPAA/HITECH-compliant geocoding service.

Can you try Geocodio's Enterprise product before buying?

Yes! Onboarding a new vendor can take time when compliance is involved. So there shouldn't be any surprises about the data you'll get back or how the product works. You should be able to know exactly what you're buying and that it'll work for your needs—before you get Legal and IT Security involved.

Create a free demo account today to try our Enterprise service. You'll get 100 free lookup credits that you can use to try all of our APIs, data appends, and spreadsheet geocoding.

Note: When you're ready to upgrade, we'll sign a BAA. We can't sign BAAs on our Demo plan, so please only use test data. (Need test data? Go ahead and use this list of coffee shop locations.)

When you upgrade to a paid Enterprise plan, you'll be able to keep using the same API key and API endpoints, just with higher throughput.